CVE-2023-36970

A Cross-site scripting XSS vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload function...

Cross-site Scripting (XSS)

odoo is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the binary field widget which allows an attackers to inject arbitrary web script via crafted uploaded file names...

ChurchCRM Cross-Site Scripting Vulnerability (CNVD-2023-64493)

ChurchCRM is an open source CRM system for churches. Church CRM version v4.5.3 suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary Web script ...

Western Digital My Cloud 命令注入漏洞

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud OS 5, which originates from a remote command injection vulnerability in a CGI file in the device...

Liferay DXP 7.4.13.70 < 7.4.13.74 XSS

The detected install of Liferay DXP is between 7.4.13.70 and 7.4.13.73. It is therefore affected by a Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.13.70 through 7.4.13.73, which allows remote attackers to inject arbitrary web script or HTML...

CVE-2023-28485

A stored cross-site scripting Stored XSS vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board where they have BoardAdmin access,...

Cross site scripting

A stored cross-site scripting Stored XSS vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board where they have BoardAdmin access,...

CVE-2023-28485

A stored cross-site scripting Stored XSS vulnerability in file preview in WeKan before 6.75 allows remote authenticated users to inject arbitrary web script or HTML via names of file attachments. Any user can obtain the privilege to rename within their own board where they have BoardAdmin access,...

Adiscon LogAnalyzer 4.1.5 Cross Site Scripting

==================================================================================================================================== | Title : Adiscon LogAnalyzer V 4.1.5 Xss Vulnerability | | Author : indoushka | | Telegram : @indoushka | | Tested on : windows 10 Français V.Pro | | Vendor :...

Liferay Portal CE 7.4.3.70 < 7.4.3.74 XSS

The detected install of Liferay Portal CE is between 7.4.3.70 and 7.4.3.73. It is therefore affected by a Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, which allows remote attackers to inject arbitrary web script or HT...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-54543)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Odobie Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. Adobe...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-100304)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

Adobe Experience Manager cross-site scripting vulnerability (CNVD-2023-100302)

Adobe Experience Manager AEM is a set of content management solutions that can be used to build websites, mobile applications and forms from the American company Audobee Adobe. The program supports mobile content management, marketing and sales campaign management and multi-site management. A...

CVE-2023-33438

A stored Cross-site scripting XSS vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML...

Cross site scripting

A stored Cross-site scripting XSS vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML...

CVE-2023-33438

A stored Cross-site scripting XSS vulnerability in Wolters Kluwer TeamMate+ 35.0.11.0 allows remote attackers to inject arbitrary web script or HTML...

CVE-2023-33438

CVE-2023-33438 describes a stored Cross-site scripting (XSS) vulnerability in Wolters Kluwer TeamMate+ version 35.0.11.0. The issue allows remote attackers to inject arbitrary web script or HTML. The connected sources consistently identify the affected product and vulnerability type, but do not p...

CVE-2023-34666

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in Phpgurukul Cyber Cafe Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the admin username parameter...

CVE-2023-3193

Cross-site scripting XSS vulnerability in the Layout module's SEO configuration in Liferay Portal 7.4.3.70 through 7.4.3.73, and Liferay DXP 7.4 update 70 through 73 allows remote attackers to inject arbitrary web script or HTML via the comliferaylayoutadminwebportletGroupPagesPortletbackURL...